Posted
by
Soulskillon Tuesday June 10, 2014 @01:53PM
from the just-what-you-never-wanted dept.

New submitter green453 writes: 'As a Houston resident with limited home broadband options, I found the following interesting: Dwight Silverman of the Houston Chronicle reports (warning: paywalled) that Comcast plans to turn 50,000 home routers into public Wi-Fi hotspots without their users providing consent. Comcast plans to eventually convert 150,000 home routers into a city-wide WiFi network. A similar post (with no paywall) by the same author on the SeattlePI Tech Blog explains the change. From the post on SeattlePI: "What's interesting about this move is that, by default, the feature is being turned on without its subscribers' prior consent. It's an opt-out system – you have to take action to not participate. Comcast spokesman Michael Bybee said on Monday that notices about the hotspot feature were mailed to customers a few weeks ago, and email notifications will go out after it's turned on. But it's a good bet that this will take many Comcast customers by surprise."'
This follows similar efforts in Chicago and the Twin Cities.

So does this mean that charges for copyright infringement (or other such activities) will no longer be brought against people based on IP Address evidence alone? Because this certainly gives a lot of people a lot of plausible deniability.

Secondly, how are the clients being compensated for the hotspot service they are now providing?

That's not true at all, and is a bad analogy. You own your house. If the bank has a mortgage, then they have a lien on the house. If they want to take possession of it, they have to go through a foreclosure proceeding. They can't just walk into your living room and start watching TV. Your house is real property, which has lots of strong protections. Comcast, on the other hand, does own the router that they lease to you, which is a chattel and therefore subject to a different set of rights. No, they can't walk in and just take it (that would violate your real property rights). But they do own the network, and if their contract with you is written in a way that permits them to reconfigure a leased router to grant somebody else access to their network over wireless signals that you're leaking out into the air anyway, then yeah, they can do that.

Yes, this is a shitty thing to do, but, Comcast is a shitty company, so no surprise there. But there is a simple answer. Turn it off. If you don't know how, do a little research and figure out how. If you can't be bothered to expend a little mental energy, then it must not be much of a problem.

Why is this such a bad thing? Everyone already knows that ISPs oversell their bandwidth. As long as you stillget the speed you are paying for why should you care if someone else is using your wifi anymore than you careif your neighbor is also a comcast subscriber. I doubt it increases your electricity cost and you get the benefit ofusing other people's wifi when you are out and about. This seems like a win-win for everyone. I don't see the problemif it's done correctly especially as you have multiple ways

As long as you still get the speed you are paying for why should you care if someone else is using your wifi anymore than you care if your neighbor is also a comcast subscriber.

Because someone might attach to your Wi-fi and share something in a manner that infringes copyright. Then, the MPAA/RIAA will come after you.

Note, I completely agree that targeting people based on IP address is idiotic, but you would be the person who would either need to spend the time/money to fight this lawsuit or would need to settle with them (likely agreeing that you did the crime) to make it go away.

On the upside, it could add more dents into the "this IP address proves it was that person" claims of the MPAA/RIAA, but who would want to volunteer for this expense? Or, more accurately, who would want Comcast to volunteer them for this expense unless they go through technological measures to opt out?

You obviously didn't read the article. They are using the wifi and completely segregating traffic. It appears with a distiinct SSID and on a different IP. The capacity is on a different channel, so gain the host user isn't affected.

Besides it further assumes that they are not using Carrier Grade NAT [wikipedia.org] which is exactly how Free, a French ISP that has been doing the same thing for years, is handling this.

Even better, as now all the WiFi users appear to come from a single IP as far as the MPAA/RIAA is concerned, which means the only way they can get more info is if Comcast keeps insanely detailed records about every one of these connections. Keeping normal accounting information won't be enough to identify a copyright infringer...Comcast would also have to keep the IP/port connection logs from the NAT device.

No no, the answer is to cancel your own Comcast service and mooch off your neighbours who don't know any better. Unfortunately you'll be hurting your neighbours, but in return you'll be hitting Comcast where it hurts not once, but twice: once for having dropped your service, and once again for using essentially the same service you used to pay for via their new city-wide free WiFi.

Seriously, what idiot thought this would be a good idea? Punish your customers and give moochers, criminals and cheapskates fr

*No, it was just a change in the AUP. That new AUP was on display.âoeOn display? I eventually had to go down to the cellar to find them.â*Thatâ(TM)s the display department.âoeWith a flashlight.â*Ah, well, the lights had probably gone.âoeSo had the stairs.â*But look, you found the notice, didnâ(TM)t you?âoeYes,â said Arthur, âoeyes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying âBeware of the Leopard.â

Comcast will be just as liable as they are now. This is not Comcast giving people access to your private network. For this to be even technologically feasible, it's going to have to be configured so that every router broadcasts the same SSID. That means it's going to be a separate virtual network from your home network. So some random guy is not going to be able to log onto your shared folders and print to your printer. If somebody downloads porn, it's going to show that it was some user (with a username and login) that logged into the public Comcast network, and happened to do it from your router. (But more than usual, see my.sig)

Given the scenario we're discussing, I would put real money on the SSL issue not stopping the vast majority of people.

Note: I am not in a Comcast area. I don't have first-hand experience with them, so this is all speculation.

That being said, I'm pretty sure this will be run on a captive portal (same as most hotels/coffee shops/etc), where the first UNENCRYPTED HTTP address will be redirected to a login page. The user will then have to supply whatever credentials that Comcast requires.

I'm assuming their modems/routers have a way of provisioning a second IP address so that the wifi hotspot doesn't get you in legal trouble (or steal your bandwidth).

If that is the case does that mean I just have to change my mac address and connect to the public wifi rather than my normal ssid, and I can torrent everything I want and not worry about getting hit by a copyright infringement law suite.

- Public wireless users will be using a different IP address from the LAN/internal wireless users.
- In order to use the "Public" wireless hotspot, you will need to already have a Comcast username and password. It's not OPEN wifi, but open to other Comcast subscribers.
- "Public" wifi bandwidth will not affect the bandwidth of the home router (so says Comcast).

- "Public" wifi bandwidth will not affect the bandwidth of the home router (so says Comcast).

Comcast also tells customers it delivers X Mbps of bandwidth. While some lucky customers in certain areas do get that, a vast majority don't. So, it might not affect what they call the maximum bandwidth, but for a majority of users it will affect their actual bandwidth.

This is about making some congressman or senator happy. They must have agreed somewhere to offer free wifi or something for cities in return for maintaining their monopolies. And this is how they're delivering.

In my area, I have Time Warner Cable (soon to be Comcast) and that's it. No FIOS or any other high speed, wired broadband. So if I don't like what TWC/Comcast does, what are my options beyond going without Internet service (not an option given that I'm a web developer).

Now I can start streaming TV episodes I missed once again, just as I did in the golden age of two years ago, even when my cable provider isn't one of the three tiny companies in the network apps "Verify My Cable Carrier" list.

How long before someone releases a tool that would have a Linux-running computer or device with a WiFi card masquerading as an official Comcast WiFi hotspot an collecting the usernames & passwords of the users trying to connect ?

The real problem here is people logging on to "comcast wifi" or whatever it's called using the same credentials they use to log on to their ISP account. How hard will it be for nogoodniks to set up hotspots called "comcast wifi" (or whatever) and scoop up all the credentials?

thousands of wifi routers providing free service. i might have to go back to a dumb phone and just carry around a small tablet everywhere i go. why pay extortion prices for cell data when wifi will be literally everywhere

Last I logged on to the local comcast wifi it was still using a webpage based authentication, so it probably would not be all that hard to fool the average consumer into signing onto a fake Comcast login page, esp since the malicious router could do its own DNS stuff.

We have this stuff here in Netherlands at one of the biggest providers (Ziggo). It seemed great to me at first, but turned out pretty much useless.

The problem is, these are home routers inside homes, this means they are low powered, not at ideal locations (not many homes in the mall, highway, train, etc), and also inside usually thick walls that stop a lot of the signal. It's just a frustrating experience, with your phone often falling in and out of connection and such. The 4G network gives a much better experience.

I have relatives in the Netherlands and the houses over there are built much more sturdily than the usual stick-built home in the US which doesn't have much structure to block wi-fi signals. However even in my thin-walled house the signal from my router barely reaches to the end of my back garden, so I expect anyone who would want to use it would have to stand on the street directly in front of my house.

This is why I don't use ISP provided equipment. I have my own cable modem (which is just a "basic" model without router functionality), and my "router" is a custom built Linux box (it handles the wifi as well with hostapd).

In my parts comcast charged 6 bucks a month, when I can go down to staples and buy a fairly good cable modem for 60 bucks that will last for years. Frankly trusting your cable co to be in charge of your wifi and firewall seems like a bad idea. It gets worse they ship these garbage routers to business setups and will insist they can not just bridge until pressed hard.

Yep. I actually don't have Comcast...I had Insight, which was then bought out by Time Warner (service has improved dramatically since TW took over by the way). The modem that was originally provided me was garbage and didn't support any of the higher speeds. Although, when it was Insight, it didn't matter, because they neglected the network for years until TW took over (the fastest speed available was 10mbit until the TW takeover, it took them a year but it's 50mbit now).
I just went and bought a Motoro

First, they charged me for the connection to my house at a certain speed. Then, they throttled everything I'd want that speed for. Then, they charged Netflix for the connection to my house. Now, they're offering the connection to my house to other customers when it already can't keep up with my needs or come close to their advertised speeds. What am I even paying for? The joy of twice monthly hour long phone calls to resolve outages?

I bet they'll count this as "upgrading their infrastructure," just another fine example of the innovation they claim will come to an end if ISPs are better regulated.

Because when you get served with a copyright infringement suit for downloading thousands of videos, or get hauled off to jail because your location was used for something illegal... that's where the real problems begin.

Unless we're meant to believe that this will in no way trace back to the home-owner, and be a completely air-gapped and firewalled thing. And, I must say, I'm skeptical of that.

If Comcast assigns a different IP address to wireless users than to the hosting wired user, there wouldn't be any confusion over if the wired user or a wireless user downloaded evil files.

Unless Comcast assigns a unique IP address to each wireless user (which I suspect they won't on IPV4) sorting out which, of possibly many, wireless users connected at the time of the download may require more tracking -- which I suspect Comcast will do.

I gave the CC built in WiFi a shot but it's horrible coverage and firmware (features) turned me away. I did a live chat and had them turn the WiFi off and they did it immediately, that way I could just use my own. It comes back on automatically about every 6 months (I'm assuming because of some upgrade) and I just live chat with them and have them turn it off. It has a big bright light when it's on so it's easy to tell. If this happens to me (near Houston), I'll just contact them again.

Cable broadband provider Telenet in Belgium did the same thing. When my old DOCSIS 2 modem died, they gave me (without any options) one of their all-in-one fancy new 'modems', with built in router with private + public wifi. To manage my modem settings i had to go to their webpage to change MY modem/router/lan/wifi settings, which would then be pushed to my modem locally. So if they're site is down (which happens quite regularly imo, for 'maintenance'), i can't manage my own LAN ! Heaven forbid if someone ever finds an exploit in those modems, all of their customers' LAN's will be compromised. I re-disabled the public wifi several times, after it got mysteriously re-enabled. Forget about calling support, you always get brain dead morons that won't deviate from their silly 'please reboot your modem' flowchart even though you can provide perfect logical reasoning to locate the problem. Power users are a nuisance to them.
Repeated calls to support to ask for a normal modem as a consumer were all fruitless. I later played my cards different with the business support desk (as a business owner) and with some social engineering was able to get someone to give permission(!) for me to get a normal modem at my local telenet supplier.
I have since installed this modem with behind it a router running custom firmware, where I control my LAN & WIFI. Speeds even more than doubled too !
As of last year Liberty Global own a 57.8% stake in Telenet. A USA telecommunications and television company that is buying up broadband providers worldwide. With recent revelations this is also worrisome, but we don't have another choice for cable provider.
Stay vigilant people, and demand what you have the rights to !

Here in holland and across europe the same is being done. The thing is, technically, many homes are hooked up with a line physically capable of say 20mpbs, but with only a 10mbps subscription. The extra bandwidth can be alotted to "guest users".

Similarly, even if someone has a 20(or more) mbps subscription on a 20mbps line, he/she won't be using all of it all of the time. So you can again use part of the bandwidth for guests. In this case it would be fair to give the original subscriber priority to use whatever he/she wants, and put the guests at a lower priority.

Oh, security wise they also separate the original subscriber from the guests.

I have the impression they do this "sensibly": the subscribers don't really have a valid reason to be upset about it.

And the thing is: If you're a subscriber, suddenly there are hundreds or thousands of places where you won't be using your 3G datalink but a wifi hotspot. Faster, cheaper!

It is my understanding that this will be done only on Comcast-owned equipment, and using a separate logical connection (like a VLAN) from the local subscriber data. This won't affect any subscriber data cap one way or the other. If a subscriber cancels, they probably unplug the Comcast equipment (so the wifi goes down) because they are supposed to return it to Comcast (or get billed).

I would rather have a system in which the public bandwidth comes out of the bandwidth I contract for, with my being compensated for the bandwidth the public uses and my being able to limit the public usage fraction either by bandwidth (personal QoS, I suppose) or by time of day. The marketing people could call this service your "Internet solar roof."

Yes, they magically double the connection speed, because the highest bandwidth available for home Comcast internet is typically a small percentage of what the line can carry.

The problem here, as I see it, is that the caps are low to begin with only because Comcast oversubscribes its backend hardware significantly. I'm betting the recently upgraded the back end, but rather than backing off caps they offer this new service instead.

I think you're confusing advertised speeds with actual. My city is not as densely populated as any of those this is being tested in, and the connection here slows to a crawl on weekends and weekday nights. If they really can offer this without it affecting the connection of the home, then their own claims of network congestion causing slowdowns must be completely false, or else further saturating any connection must cause an additional loss of speed. If they can simply offer more speed to a home to make up

While it's possible that your local link to the node is fine, a node can have upwards of 5,000 customers all sharing a single or teamed 10gb uplink. With 100mb internet becoming common, that's 500,000mb of customer bandwidth being forced into a 10gb-20gb uplink. The last thing you need is a bunch of freeloaders putting more stress on those poor nodes.

If Comcast was doing the Google Fiber setup, it would be more like 4tb of customer bandwidth sharing 4tb of "node" bandwidth.

Why? The cable modem will be able to figure out what traffic is coming from the home vs. coming via the public wifi, and can count those separately. (And can do different speed shaping and prioritization).

subscriber cancels service

Same question. If the cable modem is plugged in, they just need to block the ethernet and "personal" SSID, leaving the "public" SSID operational.

Why? The cable modem will be able to figure out what traffic is coming from the home vs. coming via the public wifi, and can count those separately. (And can do different speed shaping and prioritization).

As proven time and time again, cable companies seem to have a very difficult time accurately computing actual data usage. I wouldn't have a lot of faith that they can accurately keep track of data usage of two networks from the same cable modem.

Exactly. How long until a Grandpa Random User is charged a huge overage fee because "they" downloaded a fifty HD movies via torrents - when the downloads were actually Public WiFi users? Or, more insidious, Joe User is charged a small overage fee for just barely going over the cap when the real reason for the overage was one or two Public WiFi downloads being marked under the subscriber's account?

Yeah, I'm thinking if they start using the equipment they charged you for already, and the service they charged you for already, to provide public wifi for people who are not you, they should refund you the equipment cost and completely lift your monthly cap. Otherwise, If they require your username and password to access the network, then ding the person who is utilizing the network for the data, not the person whose network just got hijacked.

The usage is tied to the visitor's account, not necessarily the home owner. Does lead to interesting questions though. Is a subscriber usage limited (capped) when using other peoples wifi, if not, what happens when the home owner logs into their own router as a visitor?

why is this so complicated? comcast knows when you are at home, and when you are "roaming" on to other customers' wifi hotspots (because they make you login to them). wherever you are, your cap is applied to your account.

no, i don't have any special knowledge here, it just HAS to work that way or it's ripe for abuse.

Either Comcast will make their users pay because strangers will use their monthly quotas, or they have zero ability to calculate quotas in which case any current or past monthly quota overcharges are frauds.

And, if their security is incompetently implemented (which it likely will be), who bears liability?

If the police show up with a warrant saying you downloaded movies, or kiddie porn, or participated in a terrorist chatroom -- you're pretty much screwed, and all because Comcast decided to re-sell what you'

Well, that, or they'll track have the wifi access over a different VLAN, like similar schemes in other areas do. I can imagine someone that's about to go over their quota switching to the public hotspot's ssid to avoid charges, though. I'm not sure what comcast plans to do about that situation.

They'll probably just attach all traffic associated with your login to your account, whether it's on your cablemodem or on the wifi (if the wifi is comcast-customer-only, they'll have to have some way to authenticate that you're a comcast customer). Which will suck if/when someone gets your credentials (either by sniffing the radio or setting up a fake hotspot).

If this Public WiFi is free for Comcast subscribers without additional fees (and assuming the speeds are acceptable). Every Comcast customer should drop to the cheapest package and connect using the public connection SSID to receive all the free bandwidth they could want. I feel like there are some details that are being overlooked. The public connections will likely require a login of the comcast user and the wifi bandwidth used will come off the connected user's cap instead of the owner of the router bein